Team: Spider-Pig

MySQL 5.1

cPanel & WHM version 60 is the last version of cPanel & WHM to support MySQL® 5.1 or below. Additionally, you will no longer be able to activate a remote MySQL profile if the server runs MySQL 5.1 or below.

Simple and Advanced SSL/TLS Wizard interfaces

As part of the implementation of wildcard SSL certificates, we added a Simple section to cPanel's SSL/TLS Wizard interface (Home >> Security >> SSL/TLS Wizard). It displays all of the account's domains in a single list. This section automatically determines the necessary number and arrangement of certificates to secure the domains that you select. It also adds a Resolve issues step that helps users to resolve issues, conflicts, or warnings.

If you prefer to order certificates by website (virtual host) list, click the Advanced tab on SSL/TLS Wizard interface (Home >> Security >> SSL/TLS Wizard). However, you cannot order wildcard certificates through the Advanced section.

Third-party AutoSSL provider modules

Domain TLS

We created the Domain TLS system to store and manage certificates for domains outside of Apache.

During the upgrade to cPanel & WHM version 60, servers will automatically copy current and valid certificates from the Apache SSL certificate storage to Domain TLS storage. Domain TLS does not copy expired or invalid certificates from Apache's SSL storage.

As users install, manage, and delete certificates through cPanel & WHM user interfaces or API calls, the system automatically performs the necessary updates to the Domain TLS index and certificate storage.

Team: Honey Badgers

EasyApache 4 Migration

The EasyApache 4 Migration interface (Home >> Software >> EasyApache 4) now displays your system's version of EasyApache and allows you to migrate from EasyApache 3 (EA3). You can also revert your system back to EA3 within the same interface.

Pre-flight migration

cPanel & WHM now determines if any blockers will arise when you attempt to migrate to EasyApache 4 (EA4). We created a pre-flight check to inform you of any potential blockers before you experience them during migration. Based on your third party vendor, you may receive a blocker, warning message, or informational message. Each of these messages will provide information about the blocker or issue, and how to fix it.

Extended PHP-FPM support

In cPanel & WHM version 60, we enabled the ability to set up and manage MultiPHP FPM pools in WHM's MultiPHP Manager interface (Home >> Software >> MultiPHP Manager). These pool options enable site configuration and for PHP-FPM to handle any incoming PHP requests that their domain receives. PHP-FPM increases the performance of the site with additional server resources. WHM's MultiPHP Manager interface (Home >> Software >> MultiPHP Manager) now prompts a user to install specific packages if their system does not contain the appropriate FPM dependencies.

Team: Loose Cannon

Create Support Ticket

In cPanel & WHM version 60, we added the ability for you to create cPanel support tickets from WHM's Create Support Ticket interface (Home >> Support >> Create Support Ticket). This feature streamlines the ticket creation process, automates SSH authorization, and decreases the time required to open a support ticket. In addition, it attempts to identify your support ticket requirements and redirects you to the cPanel Customer Portal as necessary. This feature only allows you to create a ticket for the server in which you access the Create Support Ticket interface. To open a ticket about multiple servers, use the cPanel Customer Portal website.

Team: Phoenix

Feature Spotlight feature

The cPanel interface now includes a Feature Spotlight feature that users will see when they log in to their cPanel accounts.

To dismiss the spotlight feature, click OK, or click anywhere in the interface. The spotlight will not reappear on future logins unless the user resets the cPanel interface via the Reset Page Settings option in the user menu.

Minified style CSS support

The cPanel style system now supports minified CSS files. You can supply style CSS files as the styles.css file, the styles.min.css file, or both. We strongly recommend that you include both the styles.css and styles.min.css files.

Team: Spider-Pig

PowerDNS option for Nameservers

You now have the option to choose the PowerDNS nameserver software in the Initial Setup Wizard or WHM's Nameserver Selection interface (Home >> Service Configuration >> Nameserver Selection). PowerDNS offers high performance and built-in support for DNSSEC.

DNSSEC with PowerDNS

We now allow users to enable DNSSEC on servers configured with PowerDNS. DNSSEC adds security to the DNS protocol by enabling DNS responses that can be validated and verified. This function is not available on servers that belong to a DNS cluster. If you enable DNSSEC on any domains on your server, you will not be able to enable DNS clustering on that server.

Context-sensitive Help in WHM

WHM now offers context-sensitive documentation. At the top of each interface, click on the question mark icon () to view documentation relevant to the section. Additionally, you can click the lifesaver icon () on the right side of the interface and then click Documentation to reach the same page.

Team: SWAT Team

New purge file setting

We added the Age of content to purge from users' File Manager Trash setting in the System section of WHM's Tweak Settings interface (Home >> Server Configuration >> Tweak Settings). This setting determines the minimum age of files for the system to automatically purge from the .trash folders in user home directories. A value of 0 configures the server to purge all files from every user's .trash folder, regardless of age.

Team: Zero Cool

Disabled the distiller in EasyApache 4

We disabled the use of the Apache distiller --update flag in EasyApache 4.

Updated features

Team: Cobra

Mail SNI always enabled

As of cPanel & WHM version 60, the Dovecot and Exim servers always enable Mail SNI. We removed all Mail SNI controls from user interfaces.

We also deprecated API functions or parameters within functions that control Mail SNI functionality, and we no longer use the mail_sni_map file.

AutoSSL enabled by default on new installations

On new installations of cPanel & WHM, AutoSSL includes the cPanel (powered by Comodo) provider. An administrator can choose to enable AutoSSL in the feature showcase after cPanel & WHM version 60 is installed. Use WHM's Manage AutoSSL interface (Home >> SSL/TLS >> Manage AutoSSL) to manage or disable AutoSSL.

AutoSSL no longer replaces non-AutoSSL certificates by default

We changed the behavior of AutoSSL so that it no longer replaces certificates that it did not issue. This behavior prevents the unexpected replacement of Extended Validation (EV) and Organizational Validation (OV) certificates from a certificate authority (CA) by AutoSSL-provided certificates.

Previously, AutoSSL replaced any certificate that was invalid or less than 3 days from expiration.

However, if you wish to allow AutoSSL to replace certificates that it did not issue, select the Allow AutoSSL to replace invalid or expiring non-AutoSSL certificates. option in WHM's Manage AutoSSL interface (Home >> SSL/TLS >> Manage AutoSSL).

Change in mail. alias behavior for Apache server

The system now automatically creates an Apache server alias for the mail. subdomain for each domain, parked domain, and addon domain (but not subdomains). This allows the mail alias to appear in the same virtual host as the parent domain. We made this change in order to simplify Mail SNI and SSL certificate management and reduce unnecessary mail client warnings.

For example, Apache will now respond to mail.example.com as an alias for example.com. However, Apache will not automatically respond to mail.subdomain.example.com as an alias for the subdomain.example.com subdomains.

www. subdomains must now pass a Domain Control Validation (DCV) check before cPanel's SSL/TLS Wizard interface (Home >> Security >> SSL TLS Wizard) automatically includes them in a certificate order. The previous behavior attempted to include all www. subdomains in certificate purchases through the SSL/TLS Wizard interface. If the DCV check failed, you could not complete the purchase through the cPanel Store.

We also updated UAPI's Market::request_ssl_certificates function so that the subject_names parameter no longer automatically includes the corresponding www. subdomain with every domain. If you wish to secure a www. subdomain in a certificate that you will order through API automation, you must explicitly declare it within the subject_names parameter.

Note:

www. subdomains of domains for which you order a certificate remain free of charge.

.htaccess files exclude DCV checks from HTTP redirections

We now automatically update .htaccess files to exclude DCV checks from HTTP redirections so that the DCV checks complete successfully. This resolves issues that some customers reported with AutoSSL and cPanel Market purchases.

Additional returns for Market API functions for wildcard certificates

To allow users to purchase wildcard certificates, we modified the following WHM and UAPI functions:

Also, if you maintain a Custom cPanel Market Provider module, you must use the x_price_per_wildcard parameter in your get_products_list subroutine to indicate wildcard products.

Transfer Tool delays updates to system

The system disables system and cPanel & WHM updates while there is an active session in the Transfer queue. This applies to both account transfers and configuration transfers.

Account creation performance improvement

We improved the account creation process performance due to more efficient handling of the BIND database. Also, we no longer use the operating system's useradd and userdel routines. You will see significantly reduced creation times for accounts.

BIND deferred restart time

We changed the BIND deferred restart time option in the System section of WHM's Tweak Settingsinterface (Home >> Server Configuration >> Tweak Settings). This setting allows you to specify the time (in seconds) that the dnsadmin service waits before it restarts BIND. The system silently discards additional restart requests in this time period. We recommend a setting between 300 and 600 seconds for busy servers and the default setting of 2 seconds on servers with few DNS changes.

This interface allows you to easily select multiple accounts to terminate, and it requires multiple confirmations before it removes the accounts and their data. You can also abort the account termination process for accounts in the termination queue.

cPanel interface sprites now use SVG format

We converted the image type of interface elements in cPanel's interface to SVG format. This reduces the size of many user interface icons and increases the rendering speed.

If an .svg file is not available, cPanel will fall back to use the equivalent .png file.

We also updated the WHM, cPanel, and Webmail logos to support the SVG format, and you can use .svg images for your cPanel plugin icons.

You can now use WHM's Customization interface (Home >> cPanel >> Customization) to upload .svg images for your custom-branded logos.

Mail script security improved

We expanded the Prevent nobody from sending mail option in the Mail section of WHM's Tweak Settings interface (Home >> Server Configuration >> Tweak Settings). It now includes email that scripts send through any loopback address.

Team: Loose Cannon

Subaccount Invites

Disable Subaccount invites from WHM

In cPanel & WHM version 60, we added the ability for you to enable or disable new Subaccount invites from WHM's Tweak Settings- System interface (Home >> Server Configuration >> Tweak Settings). Previously, you could control this feature with the Reset Password for Subaccounts feature.

If you enabled the Reset Password for Subaccounts feature in cPanel & WHM version 56, this feature defaults to On.

If you disabled the Reset Password for Subaccounts feature in cPanel & WHM version 56, this feature defaults to Off.

In new installations of cPanel & WHM version 60, this feature defaults to On.

Rework of the ea-php-cli package

We reworked the ea-php-cli package to provide a new /usr/bin/php binary. This better emulates the behavior of EasyApache 3. For more information, read our EasyApache 4 and the ea-php-cli Package documentation.

Deprecated and removed items

Team: Phoenix

The x3 theme no longer ships with cPanel & WHM

New installations of cPanel & WHM will no longer include the x3 theme for the cPanel interface. When you upgrade to cPanel & WHM version 60 or higher on existing installations, we will not automatically remove the files for the x3 theme. However, we no longer support the x3 theme, and cannot guarantee that this theme will continue to function in future versions.

Interfaces in cPanel & WHM will not list the x3 theme in theme selection menus, regardless of whether the x3 theme's files exist on the server.

To ensure that new accounts do not use the deprecated and unsupported x3 theme, the RS setting now defaults to paper_lantern in the /etc/cpanel.config file.

Removed x3 theme-related interfaces

We have removed the following x3 theme-related interfaces and options from WHM:

Deprecated UAPI Functions

Team Cobra

cPanel, WebHost Manager, and WHM are registered trademarks of cPanel, Inc. for providing its computer software that facilitates the management and configuration of Internet web servers. ®2018 All rights reserved.